PHISHING – A GUIDE TO AVOID GETTING CAUGHT

10 April 2022

By Ashton De Kock

Email has become the de facto standard for modern business communication. Specific, point-in-time, accurate messages ensure that actions are processed as intended and efficiently. However, as with any other service in the IT landscape, email has a dark side that would-be attackers (hackers) can leverage. Consider the recent high-profile breaches at TransUnion and Experian: information is a sought-after commodity for the enrichment of criminals, and any information will do.

Security controls in an IT environment are usually built on strict rules: when a computer encounters something that does not match the rule, the rule cannot be bent or overridden, so the control holds. Email is the most attractive entry point into a network for attackers precisely because a human sits at the other end. As humans we respond to information that appears legitimate to us, sometimes ignoring obvious clues to the contrary.

In the most basic example, you receive an email inviting you to click a link to open a file that has been shared with you. At first glance the email appears to be on the level, but on closer inspection you notice that it did not originate from the sender you assumed. The link leads to malicious software, or to a fake login page that captures your password, and the attackers end up with access to your PC or phone and your information. This is known as phishing.

Phishing emails range from incredibly poorly written messages blasted out to hundreds of thousands of addresses, to targeted and meticulously constructed ones. The well-crafted ones have become harder and harder to identify in recent years. According to Microsoft's support website, you can use these methods to identify a potential phishing email:

Urgent Call to Action or Threat:

Be suspicious of emails that claim you must click, call, or open an attachment immediately. Often, they will claim you have to act now to claim a reward, make an urgent payment, or avoid a penalty. Creating a false sense of urgency is a common trick of phishing attacks and scams.

First Time or Infrequent Senders:

While it is not unusual to receive an email from someone for the first time, especially if they are outside your organization, this can be a sign of phishing. When you get an email from somebody you do not recognize, or that Outlook identifies as a new sender, take a moment to examine it extra carefully before you proceed.

Spelling and Bad Grammar:

Professional companies or organizations usually have an editorial staff to ensure customers get high-quality, professional content. If an email message has obvious spelling or grammatical errors, it might be a scam. These errors are sometimes the result of awkward translation from a foreign language, and sometimes they are deliberate in an attempt to evade filters that try to block these attacks.

Generic Greetings:

An organization that works with you should know your name and these days it's easy to personalize an email. If the email starts with a generic "Dear sir or madam" that is a warning sign that it might not really be your bank or shopping site.

Suspicious Links or Unexpected Attachments:

If you suspect that an email message is a scam, don't open any links or attachments that you see. Instead, hover your mouse over, but do not click, the link to see if the address matches the link that was typed in the message. In the following example, resting the mouse on the link reveals the real web address in the box with the yellow background. Note that the string of IP address numbers looks nothing like the company's web address.

[Picture1: hovering over the link reveals the real web address, a raw IP address rather than the company's domain]

Mismatched Email Domains:

If the email claims to be from a reputable company, like Microsoft or your bank, but is sent from another email domain such as Yahoo.com or microsoftsupport.ru, it is probably a scam. Also watch for very subtle misspellings of the legitimate domain name, such as micros0ft.com, where the second "o" has been replaced by a zero, or rnicrosoft.com, where the "m" has been replaced by an "r" and an "n". These are common tricks of scammers.

Here is an example that one of our clients sent us, in which the email appeared to come from our offices. On closer inspection, we saw that the sending address used a .jp domain and not ambiton.co.za.

[Picture2: the email that appeared to come from our offices; the sending address is a .jp domain, not ambiton.co.za]
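As an added example (not part of the original article or of Microsoft's guidance), the following Python script applies the "suspicious links" and "mismatched domains" checks above to a raw email: it compares the From and Reply-To domains against a list of trusted domains, undoes the common character swaps (0 for o, rn for m) to catch lookalikes such as micros0ft.com and rnicrosoft.com, flags a display name that claims a brand whose domain it does not use, and compares each link's visible text with its real destination, calling out raw IP addresses. The trusted-domain list, the confusable table, the abbreviated public-suffix table and both sample messages are constructed for this demonstration; a real tool would use the Public Suffix List and a far larger confusable table.

```python
"""Constructed example: scan a raw email for the phishing signs an analyst
checks by hand (lookalike domains, mismatched Reply-To, deceptive links).
Standard library only."""
import email
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Domains we trust (assumption for this example; a tuple keeps report order stable).
TRUSTED_DOMAINS = ("ambiton.co.za", "microsoft.com")
# Character swaps used in lookalike domains: micros0ft, rnicrosoft, vvindows ...
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s"))
# Two-label public suffixes such as .co.za (abbreviated stand-in for the Public Suffix List).
SECOND_LEVEL = {"co", "com", "org", "net", "ac", "gov"}


def registrable(domain):
    """'login.ambiton.co.za' -> 'ambiton.co.za'; 'www.example.com' -> 'example.com'."""
    parts = domain.lower().rstrip(".").split(".")
    if len(parts) >= 3 and parts[-2] in SECOND_LEVEL and len(parts[-1]) == 2:
        return ".".join(parts[-3:])
    return ".".join(parts[-2:])


def normalise(domain):
    """Undo the common substitutions so 'rnicros0ft.com' reads 'microsoft.com'."""
    for fake, real in CONFUSABLES:
        domain = domain.replace(fake, real)
    return domain


def lookalike_of(domain):
    """Return the trusted domain that `domain` impersonates, or None if `domain`
    is genuinely trusted or unrelated to anything we trust."""
    reg = registrable(domain)
    if not reg or reg in TRUSTED_DOMAINS:
        return None
    norm = normalise(reg)
    brand_label = norm.split(".")[0]  # 'microsoftsupport' in microsoftsupport.ru
    for trusted in TRUSTED_DOMAINS:
        if norm == trusted or trusted.split(".")[0] in brand_label:
            return trusted
    return None


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> so the two can be compared."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _host_in_text(text):
    """If the visible link text is itself a URL or bare hostname, return that host."""
    if " " in text or "." not in text:
        return None
    return urlparse(text if "://" in text else "//" + text).hostname


def analyse(raw_email):
    """Return human-readable findings; an empty list means nothing suspicious was seen."""
    msg = email.message_from_string(raw_email, policy=policy.default)
    findings = []
    display, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_dom, reply_dom = _domain(from_addr), _domain(reply_addr)
    for header, dom in (("From", from_dom), ("Reply-To", reply_dom)):
        target = lookalike_of(dom)
        if target:
            findings.append(f"{header} domain {dom} looks like {target}")
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    # Display name claims a brand but the address is not on that brand's domain
    # (catches 'Microsoft Support <someone@yahoo.com>').
    for trusted in TRUSTED_DOMAINS:
        if trusted.split(".")[0] in display.lower() and registrable(from_dom) != trusted:
            findings.append(f"Display name '{display}' claims {trusted} but address domain is {from_dom}")
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = LinkCollector()
        collector.feed(body.get_content())
        for href, text in collector.links:
            host = (urlparse(href).hostname or "").lower()
            shown = _host_in_text(text)
            if shown and shown.lower() != host:
                findings.append(f"Link text shows {shown} but points to {host}")
            if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host):
                findings.append(f"Link points to a raw IP address {host}")
            target = lookalike_of(host)
            if target:
                findings.append(f"Link destination {host} looks like {target}")
    return findings


# Constructed sample: a lookalike sender, a Reply-To on a homoglyph domain, and
# a link whose text shows our real site while the href goes to a raw IP.
PHISHING_SAMPLE = """\
From: "Ambiton Support" <support@ambiton.co.jp>
Reply-To: collect@rnicrosoft.com
To: client@example.com
Subject: Urgent: document shared with you
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>A file has been shared with you. Open it now or it will expire.</p>
<p><a href="http://203.0.113.7/share/login">https://www.ambiton.co.za/share</a></p>
<p><a href="https://micros0ft.com/verify">Verify your account</a></p>
</body></html>
"""

# Constructed sample of a legitimate message for comparison.
CLEAN_SAMPLE = """\
From: "Ambiton Support" <support@ambiton.co.za>
To: client@example.com
Subject: Your document
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p><a href="https://www.ambiton.co.za/docs/1">Open the document</a></p></body></html>
"""

if __name__ == "__main__":
    for name, sample in (("phishing", PHISHING_SAMPLE), ("clean", CLEAN_SAMPLE)):
        print(f"{name}: {analyse(sample) or ['no findings']}")
```

Run it on an .eml file saved from your mail client and treat any finding as a reason to phone the sender on an independently sourced number rather than to click. The normalisation step deliberately errs towards suspicion: it maps every "rn" to "m" and every zero to "o" before comparing, which can mis-read an innocent domain, but it only raises a finding when the result collides with a domain you have chosen to trust.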

The Microsoft website further advises that you should never click links or open attachments in suspicious emails. If you are unsure, rather phone the person on a number you have looked up independently (not one provided in the email you received) and confirm whether the mail is legitimate.

Another tell-tale sign that a link or attachment could be dangerous is that you are immediately asked for your login credentials, or asked to run a file, after opening it. Pay particular attention to any website that opens when you follow a link from an email: read the address bar at the top of the browser and check that the domain is the one you expected.

As we migrate further into the online world, links are fast becoming part of our daily lives. While it might not be possible to avoid every scam, following these tips could help you avoid getting caught by phishing.